公开(公告)号：US11233804B2

公开(公告)日：2022-01-25

申请号：US16259939

申请日：2019-01-28

Applicant: Microsoft Technology Licensing, LLC

Inventor： Behnaz Arzani ,  Selim Ciraci ,  Stefan Saroiu ,  Alastair Wolman ,  Jack Wilson Stokes, III ,  Geoff Outhred

IPC: H04L29/06 ,  G06N20/00 ,  G06F9/455 ,  G06F21/62

Abstract: A compromise detection system protects data centers (DCs) or other providers in the cloud. The compromise detection system can detect compromised virtual machines (VMs) through changes in network traffic characteristics while avoiding expensive data collection and preserving privacy. The compromise detection system obtains and uses periodically-obtained flow pattern summaries to detect compromised VMs. Agent-based detection on predetermined and compromised VMs can expose (using supervised learning) the network behavior of compromised VMs and then apply the learned model to all VMs in the DC. The compromise detection system can run continuously, protect the privacy of cloud customers, comply with Europe's General Data Protection Regulation (GDPR), and avoid various techniques that both erode privacy and degrade VM performance.

公开(公告)号：US11032345B2

公开(公告)日：2021-06-08

申请号：US15976645

申请日：2018-05-10

Applicant: Microsoft Technology Licensing, LLC

Inventor： Eduardo A Cuervo Laffaye ,  Alastair Wolman ,  Stefan Saroiu ,  Sharad Agarwal ,  Paramvir Bahl ,  Landon Cox

IPC: H04L29/06 ,  H04N19/117 ,  H04N19/137 ,  H04N19/184 ,  H04N19/30

Abstract: Methods and devices for encoding and decoding data streams are disclosed. In some aspects, the data streams are multimedia data streams. One method disclosed includes obtaining, by a client device, a first multimedia data stream and a second multimedia data stream, the second multimedia data stream being a lower fidelity version of the first multimedia data stream, generating, by the client device, a third multimedia data stream based on differences between the first and second multimedia data streams, compressing, by the client device, the second multimedia data stream to generate a first compressed multimedia data stream, compressing, by the client device, the third multimedia data stream to generate a second compressed multimedia data stream; and transmitting, by the client device, the first and second compressed multimedia data steams to the server.

公开(公告)号：US10978171B2

公开(公告)日：2021-04-13

申请号：US16528053

申请日：2019-07-31

Applicant: Microsoft Technology Licensing, LLC

Inventor： Stefan Saroiu ,  Lucian Cojocar ,  Alastair Wolman

IPC: G11C29/50

Abstract: Aspects of the present disclosure relate to techniques for identifying susceptibility to induced charge leakage. In examples, a susceptibility test sequence comprising a cache line flush instruction is used to repeatedly activate a row of a memory unit. The susceptibility test sequence causes induced charge leakage within rows that are physically adjacent to the activated row, such that a physical adjacency map can be generated. In other examples, a physical adjacency map is used to identify a set of adjacent rows to a target row. A susceptibility test sequence is used to repeatedly activate the set of adjacent rows, after which the content of the target row is analyzed to determine whether the any bits of the target row flipped as a result of induced charge leakage. If flipped bits are not identified, an indication is generated that the memory unit is not susceptible to induced charge leakage.

公开(公告)号：US10805662B2

公开(公告)日：2020-10-13

申请号：US16694241

申请日：2019-11-25

Applicant: Microsoft Technology Licensing, LLC

Inventor： David Chiyuan Chu ,  Eduardo Alberto Cuervo Laffaye ,  Johannes Peter Kopf ,  Alastair Wolman ,  Yury Degtyarev ,  Kyungmin Lee ,  Sergey Grizan

IPC: G06T11/20 ,  H04N21/426 ,  A63F13/35 ,  G06T15/20 ,  H04L29/08

Abstract: A server device and method are provided for use in predictive server-side rendering of scenes based on client-side user input. The server device may include a processor and a storage device holding instructions for an application program executable by the processor to receive, at the application program, a current navigation input in a stream of navigation inputs from a client device over a network, calculate a predicted future navigation input based on the current navigation input and a current application state of the application program, render a future scene based on the predicted future navigation input to a rendering surface, and send the rendering surface to the client device over the network.

公开(公告)号：US09489512B2

公开(公告)日：2016-11-08

申请号：US14927988

申请日：2015-10-30

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： Stefan Thom ,  Jeremiah Cox ,  David Linsley ,  Magnus Nystrom ,  Himanshu Raj ,  David Robinson ,  Stefan Saroiu ,  Rob Spiger ,  Alastair Wolman

IPC: G06F11/00 ,  G06F21/55 ,  G06F21/57 ,  G06F21/71 ,  G06F21/74 ,  G06F21/46

CPC classification number: G06F21/552 ,  G06F21/46 ,  G06F21/57 ,  G06F21/572 ,  G06F21/575 ,  G06F21/71 ,  G06F21/74 ,  G06F2221/034

Abstract: A “Firmware-Based TPM” or “fTPM” ensures that secure code execution is isolated to prevent a wide variety of potential security breaches. Unlike a conventional hardware based Trusted Platform Module (TPM), isolation is achieved without the use of dedicated security processor hardware or silicon. In general, the fTPM is first instantiated in a pre-OS boot environment by reading the fTPM from system firmware or firmware accessible memory or storage and placed into read-only protected memory of the device. Once instantiated, the fTPM enables execution isolation for ensuring secure code execution. More specifically, the fTPM is placed into protected read-only memory to enable the device to use hardware such as the ARM® architecture's TrustZone™ extensions and security primitives (or similar processor architectures), and thus the devices based on such architectures, to provide secure execution isolation within a “firmware-based TPM” without requiring hardware modifications to existing devices.

Abstract translation: “基于固件的TPM”或“fTPM”确保安全代码执行被隔离，以防止各种潜在的安全漏洞。 与传统的基于硬件的可信平台模块（TPM）不同，在不使用专用安全处理器硬件或硅片的情况下实现隔离。 通常，通过从系统固件或固件可访问的存储器或存储器读取fTPM并将其放置在设备的只读受保护的存储器中，fTPM首先在前OS引导环境中实例化。 一旦实例化，fTPM就能实现执行隔离，以确保执行安全的代码。 更具体地说，将fTPM放置到受保护的只读存储器中，以使设备能够使用诸如ARM®架构的TrustZone™扩展和安全原语（或类似的处理器架构）之类的硬件，从而使基于这种架构的设备提供 在“基于固件的TPM”中安全执行隔离，无需硬件修改现有设备。

公开(公告)号：US20160234221A1

公开(公告)日：2016-08-11

申请号：US14875298

申请日：2015-10-05

Applicant: Microsoft Technology Licensing, LLC.

Inventor： Sasa Junuzovic ,  Yinpeng Chen ,  Cha Zhang ,  Dinei Florencio ,  Zhengyou Zhang ,  Alastair Wolman

IPC: H04L29/06 ,  H04W12/08 ,  H04W12/06

CPC classification number: H04L63/102 ,  H04L63/08 ,  H04L63/083 ,  H04L63/18 ,  H04M3/567 ,  H04W12/06 ,  H04W12/08 ,  H04W48/10

Abstract: Techniques for automatically connecting to a service controller are described herein. In one example, a service controller device includes a processor and a computer-readable memory storage device storing executable instructions that cause the processor to broadcast at least one of an access credential, connection information or an access credential hash embedded in an audio signal. The processor can also authenticate a client device based on a transmission of at least one of the connection information, the access credential, or the access credential hash from the client device to the client connector and transmit data to the client device in response to authenticating the client device.

Abstract translation: 本文描述了用于自动连接到服务控制器的技术。 在一个示例中，服务控制器设备包括处理器和存储可执行指令的计算机可读存储器设备，该可执行指令使处理器广播嵌入在音频信号中的访问凭证，连接信息或访问凭证散列中的至少一个。 处理器还可以基于从客户端设备到客户机连接器的连接信息，访问凭证或访问凭证散列中的至少一个的传输来认证客户端设备，并且响应于认证该客户端设备向客户端设备发送数据 客户端设备。

公开(公告)号：US20160219267A1

公开(公告)日：2016-07-28

申请号：US14603253

申请日：2015-01-22

Applicant: Microsoft Technology Licensing, LLC

Inventor： David Chiyuan Chu ,  Eduardo Alberto Cuervo Laffaye ,  Johannes Peter Kopf ,  Alastair Wolman ,  Yury Degtyarev ,  Kyungmin Lee ,  Sergey Grizan

IPC: H04N13/04

CPC classification number: H04N13/302 ,  H04L65/605 ,  H04N13/111 ,  H04N13/332

Abstract: A client device and method are provided for use in synthesizing a second eye viewport using interleaving in order to reduce bandwidth costs. The client device may comprise a user input device that receives a stream of user input, a stereoscopic display device, a processor, and a storage device holding instructions for a client application program, executable by the processor to obtain, at a view interpolation module of the client application program, a current rendered rendering surface representing a current view of a scene for a first eye of a user and a previously rendered rendering surface representing a past view of the scene for a second eye of the user, synthesize and display a current second eye viewport representing a current view of the scene for the second eye of the user based on the current rendered rendering surface and the previously rendered rendering surface.

Abstract translation: 提供了一种客户端设备和方法，用于使用交织合成第二眼视口，以便降低带宽成本。 客户端设备可以包括接收用户输入流的用户输入设备，立体显示设备，处理器和保存用于客户端应用程序的指令的存储设备，该处理器可由处理器执行以在视图插值模块 客户应用程序，表示用户的第一只眼睛的场景的当前视图的当前渲染渲染表面和表示用户的第二只眼睛的场景的过去视图的先前呈现的渲染表面，合成并显示当前视频 第二眼视口基于当前渲染渲染表面和先前渲染的渲染表面代表用户的第二只眼睛的场景的当前视图。

公开(公告)号：US20160134907A1

公开(公告)日：2016-05-12

申请号：US15000316

申请日：2016-01-19

Applicant: Microsoft Technology Licensing, LLC

Inventor： Alastair Wolman ,  Eduardo Alberto Cuervo Laffaye ,  Stefan Saroiu ,  Madanlal Musuvathi

IPC: H04N21/234 ,  H04N21/81 ,  H04N21/2343 ,  H04N21/43 ,  H04N21/647 ,  H04N21/426 ,  H04N21/242

CPC classification number: H04N21/23424 ,  H04N21/234327 ,  H04N21/234381 ,  H04N21/242 ,  H04N21/25 ,  H04N21/2662 ,  H04N21/41407 ,  H04N21/42653 ,  H04N21/4302 ,  H04N21/6131 ,  H04N21/6181 ,  H04N21/6379 ,  H04N21/647 ,  H04N21/8146 ,  H04N21/8166 ,  H04N21/8451

Abstract: Various technologies described herein pertain to performing collaborative rendering. A GPU of a mobile device can generate a mobile-rendered video stream based on a first instance of an application executed on the mobile device. A GPU of a server can generate one or more server-rendered video streams based on instance(s) of the application executed on the server. Based on the one or more server-rendered video streams, the server can generate a compressed server-manipulated video stream. The mobile device can further combine the mobile-rendered video stream and the compressed server-manipulated video stream to form a collaborative video stream, and a display screen of the mobile device can be caused to display the collaborative video stream. The mobile-rendered video stream can have a first level of a quality attribute and the collaborative video stream can have a second level of the quality attribute greater than the first level of the quality attribute.

Abstract translation: 本文描述的各种技术涉及执行协作呈现。 移动设备的GPU可以基于在移动设备上执行的应用的第一实例来生成移动渲染视频流。 服务器的GPU可以基于在服务器上执行的应用程序的实例生成一个或多个服务器渲染的视频流。 基于一个或多个服务器渲染的视频流，服务器可以生成压缩的服务器操纵的视频流。 移动设备可以进一步组合移动渲染视频流和压缩的服务器操纵的视频流以形成协作视频流，并且可以使移动设备的显示屏幕显示协作视频流。 移动渲染视频流可以具有质量属性的第一级，并且协作视频流可以具有大于质量属性的第一级的质量属性的第二级。

公开(公告)号：US20150222518A1

公开(公告)日：2015-08-06

申请号：US14690350

申请日：2015-04-17

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： Atul Adya ,  Alastair Wolman ,  John D. Dunagan

IPC: H04L12/26 ,  H04L29/08

CPC classification number: H04L65/1003 ,  H04L43/10 ,  H04L67/14 ,  H04L67/142

Abstract: Technologies, systems, and methods for ordered message delivery that avoid message races or crisscrosses between communicating nodes. For example, if Node A sends message 3 towards Node B and, shortly thereafter, Node B sends message X to Node A, Node A would like to know whether or not message X reflects Node B's state after receiving message 3. If Node B received message 3 prior to sending message X, then proper state may be maintained between the nodes. But if messages 3 and X crisscrossed, or if message 3 was never properly received by Node B, then the state between the nodes may be corrupt. Technologies, systems, and methods are provided to avoid such corruption.

公开(公告)号：US20150156330A1

公开(公告)日：2015-06-04

申请号：US14618831

申请日：2015-02-10

Applicant: Microsoft Technology Licensing, LLC

Inventor： Himanshu Raj ,  Stefan Saroiu ,  Alastair Wolman

IPC: H04M15/00

CPC classification number: H04M15/07 ,  H04L12/1457 ,  H04L12/1475 ,  H04M15/09 ,  H04M15/43 ,  H04W4/24

Abstract: The claimed subject matter provides a method for split billing. The method includes receiving a requested token. The requested token specifies conditions under which network traffic is allowed to be billed against a third party for content requested from a mobile computing device. The method also includes matching network traffic between the mobile computing device and a content provider to the specified conditions. The method further includes metering the matched network traffic to a billing account for the third party.

Abstract translation: 所要求保护的主题提供了分割计费的方法。 该方法包括接收所请求的令牌。 所请求的令牌指定了允许从移动计算设备请求的内容向第三方开帐单的网络流量的条件。 该方法还包括在指定条件下将移动计算设备与内容提供商之间的网络流量相匹配。 该方法还包括将匹配的网络流量计量到第三方的记帐帐户。